Assistant Vice President, Cyber Security
Apply now »Date: 25 May 2023
Location: Kuala Lumpur, MY, Malaysia
Company: Khazanah Nasional Berhad
Job Purpose
Plan and manage initiatives and global operations of Safety & Security section which consists of 3 sub-sections: a) Environmental Health Safety & Security, b) Cyber Security and c) Cyber Risk & Compliance based on company needs and industry best practices towards achieving a safe, secure and productive working environment for the organization.
Job Description
- Responsible for managing, reviewing, and monitoring the day-to-day security controls and configuration through several security monitoring tools.
- Responsible for the implementation and maintenance of security applications, tools, and systems. (Email Security, CASB, Vulnerability Scanning, Firewall Security Rules, Cloud IAM, etc.).
- Provides technical guidance to the infrastructure, application team and other relevant stakeholders to enforce cloud security controls.
- Work with the digital engineering and infrastructure team to implement best practices in detection, incident response, infrastructure protection, data protection, identity and access management.
- Assess digital infrastructure changes, access requests or provision of resources for any security or compliance issues
- Participates in activities and strategic initiatives related to information security, product releases and other compliance-related processes and programs.
- Demonstrate in-depth knowledge from Layer 4 and above to secure cloud, web, digital and mobile applications further up the stack
- Responsible for creating reference architecture documentation for the cloud security environment
- Identification of defects and vulnerabilities in new and existing software products using static code analysis, dynamic code analysis and scanning for vulnerabilities.
- Development of recommendations for system developers for addressing the security flaws identified.
Job Requirements
- 5 – 7 years experience in cyber security field with exposures across different functions in cyber security (technical and non-technical)
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or related certifications is a plus.
- Experience in enterprise-level security management processes, familiar with the relevant security standards and frameworks
- Hands-on experience with cloud technologies like AWS, GCP, Azure, and software development on the latest technology stacks eg Javascript, Python, etc.
- Possesses good command of English language (written and spoken) and good interpersonal and communication skills
Education/Certifications
- Bachelor's degree in Computer Science, Information Security or related field.